Edit Application Network Policy Rules
Lets see how to edit application network policy rules
for Zscaler CloudBlade.
Once the CloudBlade configures the appropriate
Standard VPN objects within Prisma SD-WAN and Zscaler, the administrator
can reference the path (Standard VPN) and service group (Zscaler)
within application network policies. The ION devices will make intelligent
per-app path selections using the network policies to chain multiple
path options together in Active-Active and Active-Backup modes.
Example:
Application A: Take Standard VPN direct
to Zscaler.
Application B: Take Standard VPN direct
to Zscaler; Backup to Direct Internet.
Application C: Go to Internet via Prisma SD-WAN
Data Center; Backup to Standard VPN direct to Zscaler.
Application D: Use only Direct Internet.
The Prisma SD-WAN Secure Application Fabric (AppFabric) enables
granular controls for virtually unlimited number of policy permutations
down to the sub-application level. Here are some of the most common
examples of how traffic policy can be configured per application:
Send all internet-bound traffic from a set of branches
to a Zscaler datacenter. (Blanket Greylist)
Send all internet-bound traffic from a set of branches to
a Zscaler datacenter with the exception of specific known applications.
(Greylist-Whitelist)
Send all internet traffic direct to the internet except for
certain applications needing additional inspection or security. (Whitelist-Greylist)
